Agentic AI is taking center stage at the Google Cloud Security Summit 2025. New features are set to enable the securing, monitoring, and deployment of AI agents in a variety of ways.
Google Agentspace and Agent Builder are being expanded with new capabilities. Discovering AI agents and MCP servers should now also recognize vulnerabilities, misconfigurations, and risky interactions in these AI workloads.
In addition, Google is extending the real-time protection of Model Armor to Agentspace. This technology provides protection against runtime threats such as prompt injection, jailbreaking, and sensitive data leaks during agent interactions. Specialized posture controls will also be introduced to help AI agents comply with security guidelines and organizational standards.
Google is also adding new threat detections to Security Command Center, based on practical knowledge acquired from Mandiant. These detections help organizations respond to incidents involving risky behavior and external threats. The system can recognize suspicious behavior on agent assets and respond accordingly.
Agentic SOC: AI supports security teams
Google presents its vision of an ‘agentic security operations center’ in which agents work together to achieve shared goals. The Alert Investigation agent, now available in preview, can autonomously enrich events, analyze command line interfaces, and build process structures. This is done based on best practices from Mandiant’s human analysts.
This agent not only assesses alerts, but also provides recommendations for next steps that require human intervention. This allows security teams to significantly reduce manual work while shortening response times.
Identity management becomes smarter
Agentic IAM will be available later this year, enabling customers to enable agent identities in cloud environments. Google Cloud provides automatic provisioning of agent identities and supports various credential types and authorization policies.
The IAM role picker in preview allows users to grant least-privilege access with Gemini. By describing desired actions, they immediately receive recommendations for the most appropriate, least risky role. Reauthentication ensures that highly sensitive actions such as updating billing accounts do not happen without permission. This feature is enabled by default, so anyone with less confidence in AI agents than others is reassured out of the box.
Unified Security gets new dashboards
Within Google Unified Security, the company is introducing SecOps Labs in Google Security Operations. This environment provides early access to the latest capabilities, many of which were developed with Gemini AI. Organizations can now experiment with AI-driven parsing, detection, and response capabilities.
The new dashboards in Google Security Operations show native integration of SOAR data. These have been developed with feedback from early adopters and help users visualize, analyze, and act on their security data.
In the mobile space, Chrome Enterprise is extending security capabilities to Android and iOS. This includes URL filtering on iOS, which allows organizations to block access to unapproved websites. This helps reduce shadow AI risks and strengthens Google’s position in the enterprise browser space, an emerging area of focus.
Cloud security is being expanded
Google is announcing several updates to cloud security beyond agentic AI. The Compliance Manager in preview unifies policy definitions, control configurations, and monitoring. AI also comes into play here. New recommended AI controls automate workload compliance through built-in baselines and continuous monitoring.
Data Security Posture Management then provides governance for security and compliance with sensitive data. Native integration with BigQuery Security Center allows data professionals to monitor their security posture directly in the BigQuery console.
Risk Reports, also in preview, highlight unique cloud security issues that make organizations vulnerable to attacks. These reports leverage Security Command Center’s virtual red team technology.
Broader protection for AI workloads
Sensitive Data Protection is expanding to Vertex AI and AI-related assets in BigQuery and CloudSQL. The system can now also inspect images for sensitive data such as barcodes and license plates.
Cloud NGFW now supports hierarchical security policies and address groups at the organizational level. Cloud Armor Enterprise gets updated inspection limits for WAF rules and support for rate limiting based on JA4 fingerprints.
According to Google, these innovations demonstrate its commitment to making security a facilitator rather than a roadblock to innovation. By automating compliance and simplifying access management, organizations can strengthen their security posture faster and more easily.
However, there are many different additions, each with a use case that best suits it. Those who have not yet jumped on the agentic AI bandwagon, or have only done so to a limited extent, will at least have a greater degree of control and more secure options for the initial rollout.
Read also: Google Cloud introduces Rapid Storage for millisecond latency